package com.ezcolour.ticket.common.filter;

import com.ezcolour.ticket.bean.ErrorTip;
import com.ezcolour.ticket.bean.JwtProperties;
import com.ezcolour.ticket.support.BizExceptionEnum;
import com.ezcolour.ticket.util.JwtTokenUtil;
import com.ezcolour.ticket.util.RenderUtil;
import io.jsonwebtoken.JwtException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 对客户端请求的jwt token验证过滤器
 *
 * @author fengshuonan
 * @Date 2017/8/24 14:04
 */
public class AuthFilter extends OncePerRequestFilter {

    private final Log logger = LogFactory.getLog(this.getClass());

    @Autowired
    private JwtTokenUtil jwtTokenUtil;

    @Autowired
    private JwtProperties jwtProperties;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        if(!request.getServletPath().startsWith("/web") || request.getServletPath().startsWith("/web/page")){
            chain.doFilter(request, response);
            return;
        }
        String authPath = "/web/api/" + jwtProperties.getAuthPath();
        String indexPath = "/web/api/index";
        String registerPath = "/web/api/register";
        //如果是请求鉴权  放行
        if (request.getServletPath().equals(authPath) || request.getServletPath().equals(indexPath) || request.getServletPath().equals(registerPath)) {
            chain.doFilter(request, response);
            return;
        }
        String orderpath ="/web/api/auto";
        if(request.getServletPath().startsWith(orderpath)){
            chain.doFilter(request, response);
            return;
        }
        //以下请求非鉴权(用途场景:鉴权成功)
        //获取请求头中Authorization参数值
        final String requestHeader = request.getHeader(jwtProperties.getHeader());
        String authToken = null;
        //判断请求中token存在
        if (requestHeader != null && requestHeader.startsWith("Bearer ")) {
            //截取请求头包含的token值
            authToken = requestHeader.substring(7);
            //验证token是否过期,包含了验证jwt是否正确
            try {
                boolean flag = jwtTokenUtil.isTokenExpired(authToken);
                if (flag) {
                    //token过期 发送过期消息
                    RenderUtil.renderJson(response, new ErrorTip(BizExceptionEnum.TOKEN_EXPIRED.getCode(), BizExceptionEnum.TOKEN_EXPIRED.getMessage()));
                    return;
                }
            } catch (JwtException e) {
                //有异常就是token解析失败
                RenderUtil.renderJson(response, new ErrorTip(BizExceptionEnum.TOKEN_ERROR.getCode(), BizExceptionEnum.TOKEN_ERROR.getMessage()));
                return;
            }
        } else {
            //header没有带Bearer字段
            RenderUtil.renderJson(response, new ErrorTip(BizExceptionEnum.TOKEN_ERROR.getCode(), BizExceptionEnum.TOKEN_ERROR.getMessage()));
            return;
        }
        chain.doFilter(request, response);
    }
}